Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with a bundle of malware


  • This topic is locked This topic is locked
36 replies to this topic

#1 Edmorf

Edmorf

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tampa, Fl
  • Local time:04:50 PM

Posted 01 April 2016 - 11:38 AM

I have a windows 8.1 computer
 
I will be very honest. I was trying yesterday to download from the pirate bay, the daemon tools lite. It was full of nasty malware and who knows what else. I realized this when my computer started installing stuff on its own and my malwarebytes started blocking malware.
 
I payed for the full suscription of malwarebytes and until yesterday it was running ok.
 
I disconnected my laptop from the internet to stop dowloading viruses and I also unplugged the hard drive where I downloaded the torrent file. I started Malware bytes and after 1 hour it found almost 3500 evil stuff. I quarantined everything and I deleted it, I also saved the text file from malware bytes, but oddly it does not show the 3500 evil guys.
 
I then restarted my laptop and when it turned on again, I did have some strange programs (apparently chinese or korean) one had a nice icon resembling a fox with tattos (or something) the other one was installed in the task bar and apparently was kind of a "acceleration program" also in chinese or korean. I ran again malware bytes and it again found almost 3500 evil guys. I quarantined them all and I deleted them all. By then I was looking for solutions in this site. I downloaded from here the adware tool removal and it succesfully deleted the chinese or korean "programs". By now the computer seems ok, but I believe it has still some nasty things. It won't connect to the internet (I am currently writing from a linux computer laptop) and I can not get malwarebytes to run again, it says that: (roughly translated from spanish: the application can't start correctly (0XC0000142), click on accept to close it), and that's why I am currently here.
 
Today I am reading and following the steps from the preparation guide  and I have  the FRST.txt and the addition.txt (attached as the instructions say)
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Bayo (administrator) on ACER (01-04-2016 10:01:49)
Running from D:\progs
Loaded Profiles: Bayo (Available Profiles: Bayo & sadel_000)
Platform: Windows 8.1 Single Language (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Google Inc.) C:\Users\Bayo\AppData\Local\Google\Update\GoogleUpdate.exe
(Akamai Technologies, Inc.) C:\Users\Bayo\AppData\Local\Akamai\netsession_win.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(Ruling Tec Pte Ltd) C:\Program Files (x86)\VibrateGameDeviceDriver\rfpicon.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
(mycomputer) C:\Program Files (x86)\badu\sys.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Akamai Technologies, Inc.) C:\Users\Bayo\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13449288 2013-03-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016432 2013-03-06] (Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [RTBatteryMeter] => C:\Program Files (x86)\VibrateGameDeviceDriver\RFPIcon.exe [49152 2003-01-16] (Ruling Tec Pte Ltd)
HKLM-x32\...\Run: [niDevMon] => C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe [119120 2014-02-12] (National Instruments Corporation)
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCTray.exe"  /regrun
HKLM-x32\...\Run: [app] => C:\Program Files (x86)\badu\sys.exe [434238 2016-03-29] (mycomputer)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] (Atheros Communications)
HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\Run: [Google Update] => C:\Users\Bayo\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Bayo\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\Run: [Dropbox Update] => C:\Users\Bayo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\MountPoints2: {211a25df-dbed-11e4-80ce-089e01a627a2} - "E:\_aom.exe"  
HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\MountPoints2: {211a27ab-dbed-11e4-80ce-089e01a627a2} - "F:\instalar.exe"  
HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [589312 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => AcSignIcon.dll No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2016-03-31]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
Startup: C:\Users\Bayo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-31]
ShortcutTarget: Dropbox.lnk -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Bayo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-03-31]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560 2014-06-06] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{D3551BC3-5968-4C2D-B601-8BFB25B79AAF}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{DF30F639-603F-439E-B9B5-04C5FD59CBBE}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002 -> DefaultScope {A969B05E-7725-4A06-B1A7-FA75093A050D} URL =  
SearchScopes: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002 -> {A969B05E-7725-4A06-B1A7-FA75093A050D} URL =  
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-16] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-05-20] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-02-28] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-16] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-05-20] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Bayo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-23] ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-05-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-05-20] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-17] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2466116663-3634806204-2722683822-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Bayo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2466116663-3634806204-2722683822-1002: @talk.google.com/O1DPlugin -> C:\Users\Bayo\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2466116663-3634806204-2722683822-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2466116663-3634806204-2722683822-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Bayo\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Bayo\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
 
Chrome:  
=======
CHR DefaultSearchURL: Default -> hxxp://www.hohosearch.com/chrome.php?q={searchTerms}&ts=AHEpCHEqB3EtB0..&v=20160329&uid=6E4E447C9CF0118B28A3E731EE13EE9C&ptid=amz&mode=nnnb
CHR DefaultSearchKeyword: Default -> hohosearch
CHR Profile: C:\Users\Bayo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Bayo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\Bayo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Bayo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-26]
CHR Extension: (Búsqueda de Google) - C:\Users\Bayo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Zotero Connector) - C:\Users\Bayo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-03-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Bayo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Bayo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-03]
CHR Extension: (Gmail) - C:\Users\Bayo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations) [File not signed]
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Origin Games\Dragon Age Origins Ultimate Edition\\bin_ship\daupdatersvc.service.exe [25832 2011-05-17] (BioWare)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2013-02-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2013-02-17] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
U2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2014-12-02] (National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [53032 2014-06-09] (National Instruments Corporation)
S2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [63280 2014-06-09] (National Instruments Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-14] (Acer Incorporate)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.)
S2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [84792 2015-01-09] (National Instruments Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57184 2014-11-21] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [80736 2014-11-21] (National Instruments Corporation)
R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [569152 2014-10-23] (National Instruments Corporation)
S2 nidevldu; C:\WINDOWS\SysWOW64\nidevldu.exe [163184 2014-08-06] (National Instruments Corporation)
S2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [394544 2014-06-09] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
S2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [320368 2014-06-06] (National Instruments Corporation)
S2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [177536 2014-06-19] (National Instruments Corporation)
S2 nipxirmu; C:\WINDOWS\SysWOW64\nipxism.exe [20816 2014-01-09] (National Instruments Corporation)
S2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [89928 2014-06-06] (National Instruments Corporation)
S2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57168 2014-11-21] (National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [687944 2013-06-15] (National Instruments Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-07] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [835664 2016-03-28] (Valve Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30352 2015-04-05] (Disc Soft Ltd)
S3 DynCal; C:\Windows\SysWOW64\drivers\Dyncal.sys [12928 2007-11-07] (Padix Co., Ltd) [File not signed]
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)
S3 lvalarmk; C:\Windows\System32\drivers\lvalarmk.sys [27528 2014-06-11] (National Instruments Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 ni1045k; C:\WINDOWS\system32\drivers\ni1045kl.sys [12984 2014-05-16] (National Instruments Corporation)
S3 ni1065k; C:\WINDOWS\system32\drivers\ni1065k.sys [30032 2014-05-16] (National Instruments Corporation)
S3 nicdcck; C:\Windows\System32\drivers\nicdcckl.sys [15192 2014-08-07] (National Instruments Corporation)
S3 nicdrk; C:\Windows\System32\drivers\nicdrkl.sys [15192 2014-08-07] (National Instruments Corporation)
S3 nicmrk; C:\Windows\System32\drivers\nicmrkl.sys [15208 2014-10-20] (National Instruments Corporation)
S3 nicondrk; C:\Windows\System32\drivers\nicondrkl.sys [15176 2014-10-20] (National Instruments Corporation)
S3 nicsrk; C:\Windows\System32\drivers\nicsrkl.sys [15176 2014-10-20] (National Instruments Corporation)
S3 nicsrkw; C:\Windows\system32\DRIVERS\nicsrkw.sys [14664 2014-10-20] (National Instruments Corporation)
R3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [15200 2014-07-30] (National Instruments Corporation)
S3 nidmxfk; C:\Windows\System32\drivers\nidmxfkl.sys [15176 2014-08-06] (National Instruments Corporation)
S3 nidsark; C:\Windows\System32\drivers\nidsarkl.sys [15184 2014-08-07] (National Instruments Corporation)
S3 niemrk; C:\Windows\System32\drivers\niemrkl.sys [15176 2014-10-20] (National Instruments Corporation)
S3 niesrk; C:\Windows\System32\drivers\niesrkl.sys [15176 2014-10-20] (National Instruments Corporation)
R3 NIEthernetDeviceEnumerator; C:\Windows\System32\drivers\niede.sys [38064 2012-01-12] (National Instruments Corporation)
S3 nihorbrk; C:\Windows\System32\drivers\nihorbrkl.sys [15176 2014-10-20] (National Instruments Corporation)
R3 nimdbgk; C:\WINDOWS\system32\drivers\nimdbgkl.sys [15200 2014-07-30] (National Instruments Corporation)
R3 nimru2k; C:\WINDOWS\system32\drivers\nimru2kl.sys [15200 2014-07-30] (National Instruments Corporation)
S3 nimsdrk; C:\Windows\System32\drivers\nimsdrkl.sys [15232 2014-08-06] (National Instruments Corporation)
S3 nimstsk; C:\Windows\System32\drivers\nimstskl.sys [15200 2014-08-06] (National Instruments Corporation)
R3 nimxdfk; C:\WINDOWS\system32\drivers\nimxdfkl.sys [15184 2014-07-30] (National Instruments Corporation)
S3 nimxpk; C:\Windows\System32\drivers\nimxpkl.sys [15208 2014-08-06] (National Instruments Corporation)
S3 ninshsdk; C:\WINDOWS\system32\drivers\ninshsdkl.sys [15200 2014-04-01] (National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [15184 2014-07-30] (National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [15232 2014-07-31] (National Instruments Corporation)
R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [773464 2014-07-31] (National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [15224 2014-07-31] (National Instruments Corporation)
R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [19288 2014-02-28] (National Instruments Corporation)
R0 nipxibaf; C:\Windows\System32\drivers\nipxibaf.sys [89992 2014-06-12] (National Instruments Corporation)
R0 nipxibrc; C:\Windows\System32\drivers\nipxibrc.sys [73112 2015-05-18] (National Instruments Corporation)
S3 nipxifpk; C:\WINDOWS\system32\drivers\nipxifpk.sys [37272 2013-09-10] (National Instruments Corporation)
S3 nipxigpk; C:\WINDOWS\system32\drivers\nipxigpk.sys [22680 2011-08-09] (National Instruments Corporation)
R2 nipxirmk; C:\WINDOWS\system32\drivers\nipxirmkl.sys [15184 2014-01-09] (National Instruments Corporation)
S3 niraptrk; C:\Windows\System32\drivers\niraptrkl.sys [15176 2014-10-20] (National Instruments Corporation)
S3 niscdk; C:\WINDOWS\system32\drivers\niscdkl.sys [15216 2014-04-29] (National Instruments Corporation)
S3 nisdigk; C:\Windows\System32\drivers\nisdigkl.sys [15192 2014-10-20] (National Instruments Corporation)
S3 nisftk; C:\WINDOWS\system32\drivers\nisftkl.sys [15184 2014-04-01] (National Instruments Corporation)
S3 nispdk; C:\WINDOWS\system32\drivers\nispdkl.sys [15216 2014-04-29] (National Instruments Corporation)
S3 nissrk; C:\Windows\System32\drivers\nissrkl.sys [15176 2014-10-20] (National Instruments Corporation)
S3 nistc2k; C:\Windows\System32\drivers\nistc2kl.sys [15152 2014-08-07] (National Instruments Corporation)
S3 nistc3rk; C:\Windows\System32\drivers\nistc3rkl.sys [15168 2014-08-07] (National Instruments Corporation)
S3 nistcrk; C:\Windows\System32\drivers\nistcrkl.sys [15200 2014-08-07] (National Instruments Corporation)
S3 niswdk; C:\Windows\System32\drivers\niswdkl.sys [15176 2014-08-07] (National Instruments Corporation)
S3 nitfurk; C:\Windows\System32\drivers\nitfurkl.sys [15216 2014-10-20] (National Instruments Corporation)
S3 nitiork; C:\Windows\System32\drivers\nitiorkl.sys [15200 2014-08-07] (National Instruments Corporation)
S3 niufurk; C:\Windows\System32\drivers\niufurkl.sys [15208 2014-10-20] (National Instruments Corporation)
S3 niufurkw; C:\Windows\system32\DRIVERS\niufurkw.sys [14696 2014-10-20] (National Instruments Corporation)
S3 niwfrk; C:\Windows\System32\drivers\niwfrkl.sys [15176 2014-10-20] (National Instruments Corporation)
S3 nixfmrrk; C:\Windows\System32\drivers\nixfmrrkl.sys [15184 2014-10-20] (National Instruments Corporation)
S3 nixsrk; C:\Windows\System32\drivers\nixsrkl.sys [15176 2014-10-20] (National Instruments Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-06] (Synaptics Incorporated)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [89840 2016-03-07] (Huorong Borui (Beijing) Technology Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys [X]
S3 usb6xxxk; system32\drivers\usb6xxxkl.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-01 10:01 - 2016-04-01 10:01 - 00000000 ____D C:\FRST
2016-03-31 19:23 - 2016-03-31 20:18 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-03-31 19:22 - 2016-03-31 20:18 - 00000000 ____D C:\Users\Bayo\Desktop\mbar
2016-03-31 19:15 - 2016-03-31 20:27 - 00000000 ____D C:\AdwCleaner
2016-03-31 18:57 - 2016-03-31 18:57 - 00001054 _____ C:\stupid-malwares2.txt
2016-03-31 17:56 - 2016-03-31 18:03 - 00000000 ____D C:\Users\Bayo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-03-31 17:56 - 2016-03-31 17:56 - 00001564 _____ C:\Users\Bayo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2016-03-31 17:52 - 2016-03-31 17:52 - 00001058 _____ C:\stupid-malwares.txt
2016-03-31 16:56 - 2016-03-31 20:36 - 00000464 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2016-03-31 16:56 - 2016-03-31 16:56 - 00003412 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2016-03-31 16:56 - 2016-03-31 16:56 - 00000000 ____D C:\Users\Bayo\AppData\Local\UCBrowser
2016-03-31 16:56 - 2016-03-07 22:03 - 00089840 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\ucguard.sys
2016-03-31 16:55 - 2016-03-31 19:06 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-03-31 16:54 - 2016-03-31 16:54 - 00005120 _____ C:\Users\Bayo\AppData\Roaming\GiftBag.db
2016-03-31 16:53 - 2016-03-31 16:53 - 00000000 ____D C:\Program Files (x86)\badu
2016-03-31 16:53 - 2016-03-31 16:51 - 00132344 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys
2016-03-31 16:49 - 2016-03-31 19:11 - 00001084 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-31 16:48 - 2016-03-31 16:48 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-31 16:45 - 2016-03-31 16:45 - 02750718 _____ C:\WINDOWS\chromebrowser.exe
2016-03-31 16:44 - 2016-03-31 16:44 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-03-31 11:22 - 2016-03-31 11:22 - 00137728 _____ C:\WINDOWS\c26ed1126e616e854eb73df45fd65385.exe
2016-03-28 19:20 - 2016-03-28 19:20 - 00074394 _____ C:\Users\Bayo\Downloads\46e8c168bac899b515b852b40eb4b051.pdf
2016-03-24 15:52 - 2016-03-22 21:04 - 00166038 _____ C:\Users\Bayo\Documents\proyecto_omega-schem2.bak
2016-03-22 20:15 - 2016-03-24 15:52 - 00149457 _____ C:\Users\Bayo\Documents\proyecto_omega-schem2.dwg
2016-03-20 18:32 - 2016-03-22 07:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-19 09:23 - 2016-03-19 09:23 - 00000000 ____D C:\Users\Bayo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-18 19:50 - 2016-03-22 20:02 - 00153584 _____ C:\Users\Bayo\Documents\proyecto_omega-schem.bak
2016-03-18 17:32 - 2016-03-22 20:04 - 00153584 _____ C:\Users\Bayo\Documents\proyecto_omega-schem.dwg
2016-03-17 16:09 - 2016-03-22 09:20 - 00173012 _____ C:\Users\Bayo\Documents\croquis-casa-segun-gob-Model.pdf
2016-03-17 16:07 - 2016-03-22 09:20 - 00060733 _____ C:\Users\Bayo\Documents\croquis-casa-segun-gob.bak
2016-03-17 11:51 - 2016-03-22 09:58 - 00067503 _____ C:\Users\Bayo\Documents\croquis-casa-segun-gob.dwg
2016-03-08 20:28 - 2016-02-20 09:45 - 01373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-08 20:28 - 2016-02-20 09:45 - 01168896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-08 20:28 - 2016-02-20 09:45 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-08 20:28 - 2016-02-20 09:45 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-08 20:28 - 2016-02-20 09:45 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-08 20:28 - 2016-02-20 09:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-03-08 20:28 - 2016-02-06 10:58 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-03-08 20:28 - 2016-02-06 10:32 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-03-08 20:28 - 2016-02-05 13:06 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-03-08 20:28 - 2016-01-24 12:19 - 00419160 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-03-08 20:28 - 2016-01-24 12:19 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-03-08 20:28 - 2016-01-24 12:19 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-03-08 20:28 - 2016-01-24 05:57 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-03-08 20:28 - 2016-01-24 05:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-03-08 20:28 - 2016-01-15 10:56 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-03-08 20:28 - 2016-01-15 10:45 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-03-08 20:28 - 2016-01-10 10:41 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-03-08 20:28 - 2016-01-10 10:31 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-03-08 20:28 - 2016-01-08 19:49 - 00218448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-03-08 20:28 - 2016-01-08 19:49 - 00192120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-03-08 20:28 - 2016-01-08 19:38 - 00091992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2016-03-08 20:28 - 2016-01-06 17:46 - 00148752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-03-08 20:28 - 2016-01-06 17:45 - 00177712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-03-08 20:28 - 2016-01-06 12:25 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-03-08 20:28 - 2016-01-06 10:47 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-03-08 20:28 - 2016-01-05 09:00 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-03-08 20:28 - 2015-12-30 15:53 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-08 20:28 - 2015-12-30 14:49 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2016-03-08 20:28 - 2015-12-20 08:57 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-08 20:28 - 2015-12-20 08:56 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2016-03-08 20:28 - 2015-12-20 08:43 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-08 20:28 - 2015-11-19 08:33 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2016-03-08 20:28 - 2015-11-19 08:26 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2016-03-08 18:28 - 2016-02-08 15:05 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-08 18:28 - 2016-02-08 14:39 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-03-08 18:28 - 2016-02-08 14:34 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-08 18:28 - 2016-02-08 14:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-03-08 18:28 - 2016-02-08 14:28 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-03-08 18:28 - 2016-02-08 14:10 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-08 18:28 - 2016-02-08 14:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-03-08 18:28 - 2016-02-08 14:05 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-08 18:28 - 2016-02-08 14:03 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-03-08 18:28 - 2016-02-08 14:02 - 13012480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-08 18:28 - 2016-02-08 14:02 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-03-08 18:28 - 2016-02-08 14:01 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-03-08 18:28 - 2016-02-08 13:43 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-08 18:28 - 2016-02-08 13:39 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-08 18:28 - 2016-02-08 13:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-03-08 18:28 - 2016-02-08 12:27 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-08 18:28 - 2016-02-08 12:26 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-03-08 18:28 - 2016-02-08 12:16 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-08 18:28 - 2016-02-08 12:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-03-08 18:28 - 2016-02-08 12:13 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-03-08 18:28 - 2016-02-08 11:42 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-03-08 18:28 - 2016-02-08 11:37 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-03-08 18:28 - 2016-02-08 11:34 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-03-08 18:28 - 2016-02-08 11:33 - 14613504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-08 18:28 - 2016-02-08 11:33 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-03-08 18:28 - 2016-02-08 11:19 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-08 18:28 - 2016-02-08 11:15 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-03-08 18:28 - 2016-02-08 11:07 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-08 18:28 - 2016-02-08 10:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-03-08 18:27 - 2016-02-08 11:51 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-03-08 18:26 - 2016-02-12 13:14 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-03-08 18:26 - 2016-02-12 09:14 - 03708416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-08 18:26 - 2016-02-12 08:55 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-03-08 18:26 - 2016-02-12 08:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-03-08 18:26 - 2016-02-12 08:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-03-08 18:26 - 2016-02-12 08:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-03-08 18:26 - 2016-02-12 08:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-03-08 18:26 - 2016-02-12 08:51 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-03-08 18:26 - 2016-02-12 08:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-03-08 18:26 - 2016-02-12 08:48 - 02244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-03-08 18:26 - 2016-02-12 08:47 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-03-08 18:26 - 2016-02-12 08:46 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-03-08 18:26 - 2016-02-06 12:08 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-08 18:26 - 2016-02-05 13:07 - 00292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2016-03-08 18:26 - 2016-02-05 13:07 - 00243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2016-03-08 18:26 - 2016-02-05 09:03 - 15432704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-08 18:26 - 2016-02-05 09:00 - 13318144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-08 18:26 - 2016-02-05 08:59 - 07784960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-08 18:26 - 2016-02-05 08:55 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-08 18:26 - 2016-02-05 08:48 - 07075840 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-03-08 18:26 - 2016-02-05 08:47 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-03-08 18:26 - 2016-02-04 12:18 - 04174336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-03-08 18:26 - 2016-02-03 14:37 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-08 18:26 - 2016-02-03 14:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-08 18:26 - 2016-02-03 09:09 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-08 18:26 - 2016-02-03 09:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-08 18:26 - 2016-02-03 09:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-08 18:26 - 2016-01-31 13:16 - 00148832 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-08 18:25 - 2016-02-04 12:18 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-08 18:25 - 2016-02-04 12:12 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-08 18:25 - 2016-02-04 11:44 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-08 18:25 - 2016-02-04 11:39 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-08 18:25 - 2016-02-04 11:24 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-08 18:25 - 2016-02-04 11:02 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-01 09:47 - 2013-12-24 14:35 - 00001050 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-01 09:47 - 2013-08-22 08:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-31 21:18 - 2015-06-21 16:08 - 00000966 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2466116663-3634806204-2722683822-1002UA.job
2016-03-31 21:05 - 2013-12-24 14:35 - 00001054 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-31 21:00 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Inf
2016-03-31 20:50 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-03-31 20:49 - 2014-02-05 16:22 - 00000000 ____D C:\Users\Bayo\AppData\Local\ElevatedDiagnostics
2016-03-31 20:43 - 2015-07-07 17:59 - 00000838 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-31 19:59 - 2013-12-24 15:53 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2466116663-3634806204-2722683822-1002
2016-03-31 19:23 - 2014-05-08 13:55 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-31 19:22 - 2014-05-08 13:54 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-31 19:21 - 2013-07-12 23:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-03-31 19:13 - 2013-11-14 01:25 - 01939806 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-31 19:13 - 2013-11-14 01:08 - 00851188 _____ C:\WINDOWS\system32\perfh00A.dat
2016-03-31 19:13 - 2013-11-14 01:08 - 00185902 _____ C:\WINDOWS\system32\perfc00A.dat
2016-03-31 19:12 - 2015-07-13 15:16 - 00002072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk
2016-03-31 19:12 - 2015-03-18 08:57 - 00001903 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-31 19:12 - 2015-02-28 17:31 - 00001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk
2016-03-31 19:12 - 2014-04-21 14:35 - 00001039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2016-03-31 19:12 - 2014-01-13 23:38 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-31 19:12 - 2014-01-05 16:22 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-03-31 19:12 - 2013-12-25 19:51 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI MAX.lnk
2016-03-31 19:12 - 2013-12-25 19:43 - 00001363 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI Launcher.lnk
2016-03-31 19:12 - 2013-12-24 14:36 - 00001921 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-31 19:12 - 2013-05-30 20:30 - 00001927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-03-31 19:11 - 2014-04-21 14:35 - 00001021 _____ C:\Users\Public\Desktop\Inkscape.lnk
2016-03-31 19:11 - 2014-04-12 13:49 - 00002243 _____ C:\Users\Public\Desktop\Autodesk Inventor Professional 2014.lnk
2016-03-31 19:11 - 2014-04-12 13:18 - 00002149 _____ C:\Users\Public\Desktop\DWG TrueView 2014.lnk
2016-03-31 19:11 - 2014-01-25 14:41 - 00001246 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-03-31 19:11 - 2014-01-11 12:31 - 00000993 _____ C:\Users\Public\Desktop\Winamp.lnk
2016-03-31 19:11 - 2014-01-05 16:22 - 00001977 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-03-31 19:11 - 2013-12-25 01:10 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-31 19:11 - 2013-12-24 16:27 - 00002100 _____ C:\Users\Public\Desktop\AutoCAD 2012 - English.lnk
2016-03-31 19:08 - 2015-07-10 17:33 - 00001064 _____ C:\Users\Bayo\Desktop\Dropbox.lnk
2016-03-31 19:08 - 2015-01-23 11:14 - 00001937 _____ C:\Users\Bayo\Desktop\SumatraPDF.lnk
2016-03-31 19:08 - 2014-10-09 09:02 - 00001030 _____ C:\Users\Bayo\Desktop\Telegram.lnk
2016-03-31 19:08 - 2014-09-08 17:52 - 00001569 _____ C:\Users\Bayo\Desktop\Capture - Acceso directo.lnk
2016-03-31 19:08 - 2014-06-03 15:26 - 00000946 _____ C:\Users\Bayo\Desktop\GIMP 2.lnk
2016-03-31 19:08 - 2014-03-12 19:41 - 00000963 _____ C:\Users\Bayo\Desktop\CDisplay.lnk
2016-03-31 19:08 - 2014-01-25 14:41 - 00001276 _____ C:\Users\Bayo\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2016-03-31 19:08 - 2014-01-14 00:04 - 00001434 _____ C:\Users\Bayo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-31 19:08 - 2013-08-22 00:46 - 00001190 _____ C:\Users\Bayo\Desktop\Paint.lnk
2016-03-31 19:05 - 2013-08-22 07:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-31 17:55 - 2013-08-22 08:44 - 00504504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-31 16:53 - 2013-12-24 14:43 - 00000000 ____D C:\Users\Bayo\AppData\Local\VirtualStore
2016-03-31 16:05 - 2014-01-25 15:54 - 00000000 ____D C:\Users\Bayo\AppData\Local\Akamai
2016-03-31 12:49 - 2014-04-21 15:03 - 00307200 ___SH C:\Users\Bayo\Desktop\Thumbs.db
2016-03-31 11:04 - 2014-01-07 13:29 - 00001000 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2466116663-3634806204-2722683822-1002Core.job
2016-03-31 08:18 - 2015-06-21 16:08 - 00000914 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2466116663-3634806204-2722683822-1002Core.job
2016-03-31 08:18 - 2014-10-09 09:02 - 00000000 ____D C:\Users\Bayo\AppData\Roaming\Telegram Desktop
2016-03-31 07:49 - 2013-12-25 19:29 - 00000000 ___RD C:\Users\Bayo\Dropbox
2016-03-31 07:49 - 2013-12-25 19:14 - 00000000 ____D C:\Users\Bayo\AppData\Roaming\Dropbox
2016-03-30 14:43 - 2014-01-14 15:46 - 00000000 ____D C:\Users\Bayo\AppData\Local\Deployment
2016-03-29 19:48 - 2014-02-04 12:47 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-29 18:31 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-28 16:13 - 2014-05-13 18:07 - 00000000 ____D C:\Users\Bayo\Documents\Banamex
2016-03-28 15:30 - 2012-07-26 01:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-28 15:27 - 2015-04-06 10:43 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-03-28 15:27 - 2015-04-06 10:43 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-03-28 13:31 - 2014-02-21 22:31 - 02549248 ___SH C:\Users\Bayo\Downloads\Thumbs.db
2016-03-27 15:10 - 2013-12-24 17:48 - 00000000 ____D C:\ProgramData\Origin
2016-03-26 16:14 - 2013-08-22 09:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-26 13:35 - 2014-01-25 14:41 - 00000000 ____D C:\ProgramData\ProductData
2016-03-23 16:43 - 2015-07-07 17:59 - 00003726 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-03-22 09:22 - 2014-03-26 08:56 - 00181248 ___SH C:\Users\Bayo\Documents\Thumbs.db
2016-03-22 07:46 - 2015-03-18 08:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-21 14:44 - 2014-05-08 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-21 14:44 - 2014-05-08 13:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-21 13:10 - 2014-01-19 18:28 - 00000000 ____D C:\Users\Bayo\AppData\Roaming\vlc
2016-03-21 10:00 - 2012-07-26 02:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-16 15:40 - 2014-06-03 15:26 - 00000000 ____D C:\Users\Bayo\.gimp-2.8
2016-03-16 15:04 - 2013-12-25 10:37 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-12 13:13 - 2014-05-09 08:00 - 00000000 __SHD C:\Users\Bayo\AppData\Local\EmieUserList
2016-03-12 13:13 - 2014-05-09 08:00 - 00000000 __SHD C:\Users\Bayo\AppData\Local\EmieSiteList
2016-03-12 13:11 - 2014-05-01 14:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-10 21:49 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\rescache
2016-03-10 14:09 - 2014-05-08 13:54 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-10 14:08 - 2013-12-25 01:09 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-08 22:41 - 2014-12-13 00:20 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-08 21:35 - 2013-12-30 10:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-08 21:06 - 2013-12-30 10:19 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-08 18:25 - 2015-12-08 12:25 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-03-08 18:25 - 2015-12-08 12:25 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-03-08 18:24 - 2015-12-08 12:25 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-03-08 12:10 - 2014-01-22 21:37 - 00000000 ____D C:\Servicios
2016-03-08 01:00 - 2013-08-22 09:38 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 01:00 - 2013-08-22 09:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 12:18 - 2014-02-18 17:31 - 00000000 ___RD C:\Users\Bayo\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2016-03-03 21:33 - 2015-10-30 13:12 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-03 21:09 - 2014-01-13 16:14 - 00000000 ___DC C:\WINDOWS\Panther
 
==================== Files in the root of some directories =======
 
2016-03-31 16:54 - 2016-03-31 16:54 - 0005120 _____ () C:\Users\Bayo\AppData\Roaming\GiftBag.db
2014-06-18 21:04 - 2014-06-18 21:04 - 0000024 _____ () C:\Users\Bayo\AppData\Roaming\temp.ini
2016-02-01 12:35 - 2016-02-01 12:35 - 0000218 _____ () C:\Users\Bayo\AppData\Local\recently-used.xbel
2014-05-19 10:41 - 2014-07-17 19:44 - 0007609 _____ () C:\Users\Bayo\AppData\Local\Resmon.ResmonCfg
2013-05-30 20:18 - 2013-05-30 20:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-24 16:28 - 2013-12-24 16:28 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
 
Some files in TEMP:
====================
C:\Users\Bayo\AppData\Local\Temp\7za.exe
C:\Users\Bayo\AppData\Local\Temp\AcDeltree.exe
C:\Users\Bayo\AppData\Local\Temp\Browser_V5.6.10551.6_f_4729_(Build1602291105).exe
C:\Users\Bayo\AppData\Local\Temp\DAEMON Tools Lite 10.1.0.74.exe
C:\Users\Bayo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3d3zgb.dll
C:\Users\Bayo\AppData\Local\Temp\dxdiag.exe
C:\Users\Bayo\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Bayo\AppData\Local\Temp\GUR33D.exe
C:\Users\Bayo\AppData\Local\Temp\GUR418.exe
C:\Users\Bayo\AppData\Local\Temp\MediaPlayer__3137_il213892.exe
C:\Users\Bayo\AppData\Local\Temp\mesox.exe
C:\Users\Bayo\AppData\Local\Temp\qqpcmgr_v11.0.16779.224_74673_Silence.exe
C:\Users\Bayo\AppData\Local\Temp\set.exe
C:\Users\Bayo\AppData\Local\Temp\setdd.exe
C:\Users\Bayo\AppData\Local\Temp\setup.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
ATTENTION: ==> Could not access BCD.  
 
 
LastRegBack: 2016-03-31 18:31
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Bayo (2016-04-01 10:02:55)
Running from D:\progs
Windows 8.1 Single Language (X64) (2014-01-14 06:04:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2466116663-3634806204-2722683822-500 - Administrator - Disabled)
Bayo (S-1-5-21-2466116663-3634806204-2722683822-1002 - Administrator - Enabled) => C:\Users\Bayo
HomeGroupUser$ (S-1-5-21-2466116663-3634806204-2722683822-1008 - Limited - Enabled)
Invitado (S-1-5-21-2466116663-3634806204-2722683822-501 - Limited - Disabled)
sadel_000 (S-1-5-21-2466116663-3634806204-2722683822-1005 - Limited - Enabled) => C:\Users\sadel_000

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs)
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version: - Triumph Studios)
Akamai NetSession Interface (HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.0 - Arduino LLC)
AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - English (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk DirectConnect 2012 64-bit (HKLM\...\Autodesk DirectConnect 2012 64-bit) (Version: 6.0.443.0 - Autodesk)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0 - Autodesk) Hidden
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2014 (Desktop Content) (HKLM\...\{B46DECD1-1864-4EF1-0000-22D71E81877C}) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Professional 2014 - English (HKLM\...\Autodesk Inventor Professional 2014) (Version: 18.1.22200.0000 - Autodesk)
Autodesk Inventor Professional 2014 (Version: 18.1.22200.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 English Language Pack (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 SP1 (HKLM\...\Autodesk Inventor Professional 2014 SP1) (Version: 18.1.22200.0000 - Autodesk)
Autodesk MatchMover 2012 64-bit (HKLM\...\{4529F749-C362-4119-AFA0-0A3F1CA924AB}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.27 - Autodesk)
Autodesk ReCap (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2014 (HKLM\...\Autodesk Revit Interoperability for Inventor 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for Inventor 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) (HKLM\...\Autodesk Vault Basic 2014 (Client)) (Version: 18.0.86.0 - Autodesk)
Autodesk Vault Basic 2014 (Client) (Version: 18.0.86.0 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) English Language Pack (Version: 18.0.86.0 - Autodesk) Hidden
Battle for Wesnoth 1.10.7 (HKLM-x32\...\Battle for Wesnoth 1.10.7) (Version: 1.10.7 - )
Car Mechanic Simulator 2015 (HKLM-x32\...\Steam App 320300) (Version: - Red Dot Games)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version: - Relic)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ)
Dead Space™ (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal)
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dragon Age Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05 - Electronic Arts)
Dropbox (HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
EA Installer (HKLM-x32\...\EA Installer.-1202606811) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.62 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version: - )
GNU Octave 3.6.4 (HKLM-x32\...\GNU Octave - 3.6.4) (Version: 3.6.4 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.7.2405 - IObit)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Math Kernel Libraries (64-bit) (Version: 1.0.33.0 - National Instruments) Hidden
Math Kernel Libraries (64-bit) (Version: 13.0.13 - National Instruments) Hidden
Math Kernel Libraries (64-bit) (Version: 14.0.6 - National Instruments) Hidden
Math Kernel Libraries (x32 Version: 1.0.33.0 - National Instruments) Hidden
Math Kernel Libraries (x32 Version: 13.0.13 - National Instruments) Hidden
Math Kernel Libraries (x32 Version: 14.0.6 - National Instruments) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 45.0.1 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 es-MX)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
NI .NET Framework 4.0 (x32 Version: 4.01.49154 - National Instruments) Hidden
NI ActiveX Container (64-bit) (Version: 14.0.5 - National Instruments) Hidden
NI ActiveX Container (x32 Version: 14.0.5 - National Instruments) Hidden
NI AFW Channel Configuration Tool (x32 Version: 14.0.36 - National Instruments) Hidden
NI AFW Custom UI (x32 Version: 14.0.37 - National Instruments) Hidden
NI AFW Custom UI Assemblies (x32 Version: 14.0.36 - National Instruments) Hidden
NI AFW UI Assemblies (x32 Version: 14.0.49 - National Instruments) Hidden
NI Assistant Framework (x32 Version: 14.0.40 - National Instruments) Hidden
NI Assistant Framework 64-bit (Version: 14.0.49 - National Instruments) Hidden
NI Atomic PXIe Peripheral Module Driver 2.3.2 (x32 Version: 2.32.49152 - National Instruments) Hidden
NI Authentication 2014SP1 (64-bit) (Version: 14.5.5 - National Instruments) Hidden
NI Authentication 2014SP1 (x32 Version: 14.5.5 - National Instruments) Hidden
NI Certificates Deployment Support (x32 Version: 1.04.49153 - National Instruments) Hidden
NI Controller Driver 1.0 (x32 Version: 1.00.49152 - National Instruments) Hidden
NI Controller Driver 1.0 64-bit (Version: 1.00.49152 - National Instruments) Hidden
NI Curl 14.0.0 (64-bit) (Version: 14.0.294 - National Instruments) Hidden
NI Curl 2014 (x32 Version: 14.0.295 - National Instruments) Hidden
NI DataSocket 5.1 (64-bit) (Version: 5.1.227 - National Instruments) Hidden
NI DataSocket 5.1 (x32 Version: 5.1.227 - National Instruments) Hidden
NI Error Reporting 2014 (x32 Version: 14.0.379 - National Instruments) Hidden
NI Error Reporting Interface 14.0 (x32 Version: 14.0.241 - National Instruments) Hidden
NI Error Reporting Interface 14.0 for Windows (64-bit) (Version: 14.0.241 - National Instruments) Hidden
NI Ethernet Device Enumerator (x32 Version: 1.01.49152 - National Instruments) Hidden
NI Ethernet Device Enumerator 64-Bit (Version: 1.01.49152 - National Instruments) Hidden
NI EulaDepot (x32 Version: 15.0.216 - National Instruments) Hidden
NI GMP Windows 32-bit Installer 13.0.0 (x32 Version: 13.0.45.0 - National Instruments) Hidden
NI GMP Windows 64-bit Installer 13.0.0 (Version: 13.0.45.0 - National Instruments) Hidden
NI Help Assistant 2.0 (64bit) (Version: 2.0.3 - National Instruments) Hidden
NI Help Assistant 2.0 (x32 Version: 2.0.3 - National Instruments) Hidden
NI Help Configuration Utility for VS2010 (x32 Version: 13.0.00167 - National Instruments) Hidden
NI I/O Trace 14.5.0 (x32 Version: 14.50.49152 - National Instruments) Hidden
NI I/O Trace 64-bit Support 14.5.0 (Version: 14.50.49152 - National Instruments) Hidden
NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 12.0.219.0 - National Instruments) Hidden
NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 13.0.336 - National Instruments) Hidden
NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 14.0.386 - National Instruments) Hidden
NI LabVIEW 2012 Run-Time Engine Web Server (x32 Version: 12.5.198.0 - National Instruments) Hidden
NI LabVIEW 2012 SP1 Deployable License (x32 Version: 12.1.52.0 - National Instruments) Hidden
NI LabVIEW 2012 SP1 Run-Time Engine Non-English Support. (x32 Version: 12.1.52.0 - National Instruments) Hidden
NI LabVIEW 2013 Run-Time Engine Web Server (x32 Version: 13.5.27 - National Instruments) Hidden
NI LabVIEW 2013 SP1 Deployable License (x32 Version: 13.1.99 - National Instruments) Hidden
NI LabVIEW 2013 SP1 Run-Time Engine Non-English Support. (x32 Version: 13.1.99 - National Instruments) Hidden
NI LabVIEW 2014 Deployment Framework (x32 Version: 14.0.390 - National Instruments) Hidden
NI LabVIEW 2014 Real-Time Error Dialog (x32 Version: 14.0.82 - National Instruments) Hidden
NI LabVIEW 2014 SP1 Run-Time Engine Web Server (x32 Version: 14.5.5 - National Instruments) Hidden
NI LabVIEW Broker (64 bit) (Version: 6.8.10.0 - National Instruments) Hidden
NI LabVIEW Broker (x32 Version: 6.8.10.0 - National Instruments) Hidden
NI LabVIEW C Interface (x32 Version: 1.0.1 - National Instruments) Hidden
NI LabVIEW Runtime 2014 SP1 (x32 Version: 14.1.101 - National Instruments) Hidden
NI LabVIEW Runtime 2014 SP1 Non-English Support. (x32 Version: 14.1.96 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2012 SP1 f9 (x32 Version: 12.1.72.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2013 SP1 f2 (x32 Version: 13.1.109 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2012 SP1 (x32 Version: 12.1.72.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2013 (x32 Version: 13.1.109 - National Instruments) Hidden
NI LabVIEW Runtime Interop 2014 (x32 Version: 14.1.101 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Network Variable Library (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Network Variable Library (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2013 SP1 Code Generator (x32 Version: 13.0.1201 - National Instruments) Hidden
NI LabWindows/CVI 2013 SP2 Low-Level Driver (Original) (x32 Version: 13.0.2278 - National Instruments) Hidden
NI LabWindows/CVI 2013 SP2 Low-Level Driver (Updated) (x32 Version: 13.0.2278 - National Instruments) Hidden
NI Launcher (x32 Version: 15.0.172 - National Instruments) Hidden
NI License Manager (x32 Version: 3.7.73 - National Instruments) Hidden
NI Logos 5.6 (64-bit) (Version: 5.6.257 - National Instruments) Hidden
NI Logos 5.6 (x32 Version: 5.6.257 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.6.253 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.6.253 - National Instruments) Hidden
NI MAX Remote Configuration 64-bit Installer 14.5 (Version: 14.50.49152 - National Instruments) Hidden
NI MAX Remote Configuration Installer 14.5 (x32 Version: 14.50.49152 - National Instruments) Hidden
NI MAX Support for 64 Bit Windows (Version: 14.50.49152 - National Instruments) Hidden
NI MDF Support (x32 Version: 15.0.172 - National Instruments) Hidden
NI mDNS Responder 14.0 for Windows 64-bit (Version: 14.00.49152 - National Instruments) Hidden
NI mDNS Responder 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
NI Measurement & Automation Explorer 14.5.0 (x32 Version: 14.50.49152 - National Instruments) Hidden
NI Measurement Studio 2010 Service Pack 1 Enterprise RunTime for VS2010 (x32 Version: 9.1.10106 - National Instruments) Hidden
NI Measurement Studio Common .NET Assemblies (x64) for .NET 4.0 (Version: 13.0.00190 - National Instruments) Hidden
NI Measurement Studio Common .NET Assemblies for .NET 4.0 and VS2010 (x32 Version: 13.0.00190 - National Instruments) Hidden
NI Measurement Studio ComponentWorks 3D Graph (x32 Version: 8.6.10603 - National Instruments) Hidden
NI Measurement Studio ComponentWorks UI (x32 Version: 8.6.10603 - National Instruments) Hidden
NI Measurement Studio Recipe Processor (x32 Version: 8.0.0101 - National Instruments) Hidden
NI MetaSuite Installer (x32 Version: 15.0.172 - National Instruments) Hidden
NI MXS 14.5.0 (x32 Version: 14.50.49152 - National Instruments) Hidden
NI MXS 14.5.0 for 64 Bit Windows (Version: 14.50.49152 - National Instruments) Hidden
NI Network Browser 5.5.0 (x32 Version: 5.50.166 - National Instruments) Hidden
NI Network Discovery 14.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
NI Network Discovery 14.0 for Windows 64-bit (Version: 14.00.49152 - National Instruments) Hidden
NI OPC Support (x32 Version: 13.0.296 - National Instruments) Hidden
NI OPCEnum Shared (x32 Version: 5.5.2018 - National Instruments) Hidden
NI Portable Configuration 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
NI Portable Configuration for 64 Bit Windows 14.0.0 (Version: 14.00.49152 - National Instruments) Hidden
NI PXI Platform Framework 2.1.0 (x32 Version: 2.10.49152 - National Instruments) Hidden
NI PXI Platform Framework 2.1.0 64-bit (Version: 2.10.49152 - National Instruments) Hidden
NI PXI Platform Services 14.0 Expert (x32 Version: 14.00.49152 - National Instruments) Hidden
NI PXI Platform Services Configuration 14.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
NI PXI Platform Services Runtime 14.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
NI PXI Platform Services Runtime 14.0 64-bit (Version: 14.00.49152 - National Instruments) Hidden
NI Registration Wizard (x32 Version: 1.3.97.0 - National Instruments) Hidden
NI Remote Provider for MAX 14.5.0 (x32 Version: 14.50.49152 - National Instruments) Hidden
NI Remote PXI Provider for MAX 14.5.0 (x32 Version: 14.50.49152 - National Instruments) Hidden
NI RTSI Cable Core Installer 14.1.0 (x32 Version: 14.10.49153 - National Instruments) Hidden
NI RTSI Cable Core Installer for 64 Bit Windows 14.1.0 (Version: 14.10.49153 - National Instruments) Hidden
NI RTSI PAL Device Library Installer 14.1.0 (x32 Version: 14.10.49153 - National Instruments) Hidden
NI RTSI PAL Device Library Installer for 64 Bit Windows 14.1.0 (Version: 14.10.49153 - National Instruments) Hidden
NI RTSI UI Provider 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI RTSI UI Provider for 64 Bit Windows 14.1.0 (Version: 14.10.49152 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (64-bit) (Version: 1.0.29.0 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (x32 Version: 1.0.29.0 - National Instruments) Hidden
NI Service Locator 2014 (x32 Version: 14.0.217 - National Instruments) Hidden
NI SignalExpress 2014 Datatypes (x32 Version: 14.0.54 - National Instruments) Hidden
NI SignalExpress 2014 Tools (x32 Version: 14.0.48 - National Instruments) Hidden
NI Software Provider for MAX 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
NI SSL LabVIEW RTE 2012 SP1 Support (x32 Version: 12.5.8.0 - National Instruments) Hidden
NI SSL LabVIEW RTE 2013 SP1 Support (x32 Version: 13.5.27 - National Instruments) Hidden
NI SSL LabVIEW RTE 2014 Support (x32 Version: 14.0.376 - National Instruments) Hidden
NI SSL Support (64-bit) (Version: 14.5.10 - National Instruments) Hidden
NI SSL Support (x32 Version: 14.5.10 - National Instruments) Hidden
NI System API .NET 14.0.0 (x32 Version: 14.0.310 - National Instruments) Hidden
NI System API .NET 14.5.0 (x32 Version: 14.50.84 - National Instruments) Hidden
NI System API .NET 5.5.0 (x32 Version: 5.50.157 - National Instruments) Hidden
NI System API Client for WIF 14.5.0 (x32 Version: 14.50.85 - National Instruments) Hidden
NI System API Web-Service 32-bit 14.5.0 (x32 Version: 14.50.84 - National Instruments) Hidden
NI System API Windows 32-bit 14.5.0 (x32 Version: 14.50.84 - National Instruments) Hidden
NI System API Windows 64-bit 14.5.0 (Version: 14.50.84 - National Instruments) Hidden
NI System Configuration .NET Runtime Support 14.5.0 (x32 Version: 14.50.49153 - National Instruments) Hidden
NI System Configuration 14.0.0 LabVIEW Support (x32 Version: 14.0.140 - National Instruments) Hidden
NI System Configuration CVI Support 14.0.0 (x32 Version: 14.0.141 - National Instruments) Hidden
NI System Configuration Runtime 14.5.0 (x32 Version: 14.50.40 - National Instruments) Hidden
NI System Configuration Runtime 14.5.0 for Windows 64-bit (Version: 14.50.40 - National Instruments) Hidden
NI System Monitor 14.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
NI System Monitor 14.0 64-bit (Version: 14.00.49152 - National Instruments) Hidden
NI System State Publisher (64-bit) (Version: 14.1.7 - National Instruments) Hidden
NI System State Publisher (x32 Version: 14.1.7 - National Instruments) Hidden
NI System Web Server 2014 SP1 (x32 Version: 14.5.9 - National Instruments) Hidden
NI System Web Server Base 2014 SP1 (64-bit) (Version: 14.5.6 - National Instruments) Hidden
NI System Web Server Base 2014 SP1 (x32 Version: 14.5.6 - National Instruments) Hidden
NI TDM Excel Add-In 14.0 (x32 Version: 14.0.23 - National Instruments) Hidden
NI TDM Excel Add-In 14.0 64-bit (Version: 14.0.23 - National Instruments) Hidden
NI TDM Streaming 14.0 (64-bit) (Version: 14.0.43 - National Instruments) Hidden
NI TDM Streaming 14.0 (x32 Version: 14.0.43 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 14.0.177 - National Instruments) Hidden
NI Trace Engine (x32 Version: 14.0.177 - National Instruments) Hidden
NI Uninstaller (x32 Version: 15.0.172 - National Instruments) Hidden
NI Update Service 15.0 (64-bit) (Version: 15.0.47 - National Instruments) Hidden
NI Update Service 15.0 (x32 Version: 15.0.47 - National Instruments) Hidden
NI USI 2.1.0 (x32 Version: 2.1.05374 - National Instruments) Hidden
NI USI 2.1.0 64-Bit (Version: 2.1.05374 - National Instruments) Hidden
NI Variable Engine (64-bit) (Version: 2.7.297 - National Instruments) Hidden
NI Variable Engine 2.6.0 (x32 Version: 2.7.297 - National Instruments) Hidden
NI VC2005MSMs x64 (Version: 8.05.0 - National Instruments) Hidden
NI VC2005MSMs x86 (x32 Version: 8.05.0 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
NI VC2010SP1MSMs x64 (Version: 10.0.100 - National Instruments) Hidden
NI VC2010SP1MSMs x86 (x32 Version: 10.0.100 - National Instruments) Hidden
NI Visual C++ 2010 Redistributable Package (x32 Version: 10.10.16385 - National Instruments) Hidden
NI Web Application Server 2014 SP1 (64-bit) (Version: 14.5.8 - National Instruments) Hidden
NI Web Application Server 2014 SP1 (x32 Version: 14.5.8 - National Instruments) Hidden
NI Web-Based Configuration and Monitoring 14.0 (x32 Version: 14.0.410 - National Instruments) Hidden
NI WS Repl Library 2014SP1 (64-bit) (Version: 14.5.11 - National Instruments) Hidden
NI WS Repl Library 2014SP1 (x32 Version: 14.5.12 - National Instruments) Hidden
NI Xalan Delay Load 1.10.3 (x32 Version: 1.10.85 - National Instruments) Hidden
NI Xalan Delay Load 1.10.3 64-bit (Version: 1.10.86 - National Instruments) Hidden
NI Xerces Delay Load 2.7.6 (x32 Version: 2.7.218 - National Instruments) Hidden
NI Xerces Delay Load 2.7.6 64-bit (Version: 2.7.228 - National Instruments) Hidden
NI-APAL 14.0 64-Bit Error Files (Version: 14.00.49152 - National Instruments) Hidden
NI-APAL 14.0 Error Files (x32 Version: 14.00.49152 - National Instruments) Hidden
NI-APAL 2.3 Error Files for LabVIEW RT (x32 Version: 2.30.49152 - National Instruments) Hidden
NI-DAQ INF Files 24.2.0 (x32 Version: 24.20.3000 - National Instruments) Hidden
NI-DAQmx 14.2.0 (x32 Version: 14.20.49153 - National Instruments) Hidden
NI-DAQmx 653x Installer 2.1.0 (x32 Version: 2.10.49152 - National Instruments) Hidden
NI-DAQmx 653x Installer for 64 Bit Windows 2.1.0 (Version: 2.10.49152 - National Instruments) Hidden
NI-DAQmx ADE Support 14.2.0 (x32 Version: 14.20.49153 - National Instruments) Hidden
NI-DAQmx and NI-DAQ Common Documents 14.2.0 (x32 Version: 14.20.49152 - National Instruments) Hidden
NI-DAQmx C and VB6 API 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx Common Digital 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx Common Digital for 64 Bit Windows 14.1.0 (Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx DAQ Assistant 3.0.0 (x32 Version: 3.00.49153 - National Instruments) Hidden
NI-DAQmx DAQ Assistant 64-bit 3.0.0 (Version: 3.00.49153 - National Instruments) Hidden
NI-DAQmx Documentation 14.1.0 (x32 Version: 14.10.49153 - National Instruments) Hidden
NI-DAQmx Documentation for 64 bit Windows 14.1.0 (Version: 14.10.49153 - National Instruments) Hidden
NI-DAQmx Dynamic Signal Acquisition for 64 Bit Windows 14.1.0 (Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx Dynamic Signal Acquisition Installer 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx FSL Installer 14.1.0 (x32 Version: 14.10.49153 - National Instruments) Hidden
NI-DAQmx FSL Installer for 64-Bit Windows 14.1.0 (Version: 14.10.49153 - National Instruments) Hidden
NI-DAQmx MAX Configuration Support 14.2.0 (x32 Version: 14.20.49153 - National Instruments) Hidden
NI-DAQmx MAX Support 64-bit 3.1.0 (Version: 3.10.49152 - National Instruments) Hidden
NI-DAQmx MIO Device Drivers 14.2.0 (x32 Version: 14.20.49153 - National Instruments) Hidden
NI-DAQmx MIO Device Drivers for 64 Bit Windows 14.2.0 (Version: 14.20.49153 - National Instruments) Hidden
NI-DAQmx MX Expert Framework 14.1.0 (x32 Version: 14.10.49153 - National Instruments) Hidden
NI-DAQmx MX Expert Framework for 64 Bit Windows 14.1.0 (Version: 14.10.49153 - National Instruments) Hidden
NI-DAQmx SCXI 2.2.0 (x32 Version: 2.20.49152 - National Instruments) Hidden
NI-DAQmx SCXI for 64 Bit Windows 2.2.0 (Version: 2.20.49152 - National Instruments) Hidden
NI-DAQmx STC 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx STC for 64 Bit Windows 14.1.0 (Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx support for LabVIEW 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx Switch Core 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx Switch Core for 64 Bit Windows 14.1.0 (Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx Timing for 64 Bit Windows 14.1.0 (Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx Timing Installer 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx/LabVIEW shared documentation 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 14.1.0 (Version: 14.10.49152 - National Instruments) Hidden
NI-DIM 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-DIM 14.1.0 for 64-bit Windows (Version: 14.10.49152 - National Instruments) Hidden
NI-MDBG 14.1.0f0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-MDBG 14.1.0f0 for 64 Bit Windows (Version: 14.10.49152 - National Instruments) Hidden
NI-Mesa (Version: 12.0.7.0 - National Instruments) Hidden
NI-Mesa (x32 Version: 12.0.7.0 - National Instruments) Hidden
NI-MRU 14.1.0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-MRU 14.1.0 for 64-bit Windows (Version: 14.10.49152 - National Instruments) Hidden
NI-MXDF 14.1.0f0 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-MXDF 14.1.0f0 for 64 Bit Windows (Version: 14.10.49152 - National Instruments) Hidden
NI-MXLC Core (32-bit) (x32 Version: 14.0.24 - National Instruments) Hidden
NI-MXLC Core (64-bit) (Version: 14.0.23 - National Instruments) Hidden
NI-MXLC LabVIEW 2010 Support (Version: 3.5.23 - National Instruments) Hidden
NI-MXLC LabVIEW 2010 Support (x32 Version: 3.5.22 - National Instruments) Hidden
NI-MXLC LabVIEW 2011 Support (Version: 14.0.24 - National Instruments) Hidden
NI-MXLC LabVIEW 2011 Support (x32 Version: 14.0.23 - National Instruments) Hidden
NI-MXLC LabVIEW 2012 Support (Version: 14.0.23 - National Instruments) Hidden
NI-MXLC LabVIEW 2012 Support (x32 Version: 14.0.23 - National Instruments) Hidden
NI-MXLC LabVIEW 2013 Support (Version: 14.0.23 - National Instruments) Hidden
NI-MXLC LabVIEW 2013 Support (x32 Version: 14.0.23 - National Instruments) Hidden
NI-MXLC LabVIEW 2014 Support (Version: 14.0.23 - National Instruments) Hidden
NI-MXLC LabVIEW 2014 Support (x32 Version: 14.0.23 - National Instruments) Hidden
NI-ORB 14.1 (x32 Version: 14.10.49152 - National Instruments) Hidden
NI-ORB 14.1 for 64-bit Windows (Version: 14.10.49152 - National Instruments) Hidden
NI-PAL 14.0 64-Bit Error Files (Version: 14.00.49152 - National Instruments) Hidden
NI-PAL 14.0 Error Files (x32 Version: 14.00.49152 - National Instruments) Hidden
NI-PAL 14.0.1f0 (x32 Version: 14.01.49152 - National Instruments) Hidden
NI-PAL 14.0.1f0 for 64 Bit Windows (Version: 14.01.49152 - National Instruments) Hidden
NI-RIO USBLAN 14.1 (64-bit) (Version: 14.10.49153 - National Instruments) Hidden
NI-RIO USBLAN 14.1 (x32 Version: 14.10.49153 - National Instruments) Hidden
NI-RPC 14.0.0f0 (x32 Version: 14.00.49152 - National Instruments) Hidden
NI-RPC 14.0.0f0 for 64 Bit Windows (Version: 14.00.49152 - National Instruments) Hidden
NI-RPC 14.0.0f0 for Phar Lap ETS (x32 Version: 14.00.49152 - National Instruments) Hidden
NI-RPC 4.4.0f0 for Phar Lap ETS (x32 Version: 4.40.49152 - National Instruments) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (HKLM\...\{FC4AD39F-9DCE-4BD0-B7D0-7C81CEB9F04B}) (Version: 2.60.0216.1828 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Osciloscopio4CanalesNI9233 (HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\5d19c4776eba769e) (Version: 1.0.0.4 - Osciloscopio4CanalesNI9233)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PSpice Student 9.1 (HKLM-x32\...\PSpice Student) (Version: - )
PXIe-1085 and PXIe-1078 PXI Platform Services 64-bit Patch, May 2015 (Version: 1.00.49152 - National Instruments) Hidden
PXIe-1085 and PXIe-1078 PXI Platform Services Patch, May 2015 (x32 Version: 1.00.49152 - National Instruments) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.43 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6870 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21222 - Realtek Semiconductor Corp.)
Reset NI Config 14.5.0 (x32 Version: 14.50.27 - National Instruments) Hidden
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(25/05/2015) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.05.07 (20/07/2012) - Samsung Electronics Co., Ltd.)
SetIP (HKLM-x32\...\SetIP) (Version: 1.05.08.00 - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
SoftMaker FreeOffice (HKLM-x32\...\{8EBB8452-274B-465D-8324-00B0832FBB02}) (Version: 1.0.3490 - SoftMaker Software GmbH)
Software de National Instruments (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.31 - Synaptics Incorporated)
SyncAI_ReadDigChan (HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\7e77ae225856bcba) (Version: 1.0.0.1 - SyncAI_ReadDigChan)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Telegram Desktop version 0.9.32 (HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.32 - Telegram Messenger LLP)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED)
VibrateGameDeviceDriver (HKLM-x32\...\{DBB7F606-0C13-4182-AD7F-427A4773580E}) (Version: 4.07.1112G - Nombre de su organizacion)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WIF Core Dependencies Windows 14.5.0 (x32 Version: 14.50.26 - National Instruments) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WiX Toolset v3.9 Core (x32 Version: 3.9.1208.0 - Outercurve Foundation) Hidden
WiX Toolset v3.9 Managed SDK (x32 Version: 3.9.1208.0 - Outercurve Foundation) Hidden
WiX Toolset v3.9 X64 (Version: 3.9.1208.0 - Outercurve Foundation) Hidden
WiX Toolset v3.9.1208.0 (HKLM-x32\...\{0f7c49f2-f5d2-4eaa-9de5-a274bdcbe6af}) (Version: 3.9.1208.0 - Outercurve Foundation)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2014\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\FEAFilesHandler.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Bayo\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {158A7381-B8F7-4F97-BC28-62340B5B9D21} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-23] (Adobe Systems Incorporated)
Task: {170817BF-2F49-4130-97C0-AF429D4DD81E} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe
Task: {1765452B-3E34-4312-859F-97214D8F79FB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {1921CB5B-645C-417D-905C-925A328EA07B} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {2455BC53-ADD0-46AC-99A3-3643B228D61E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-08] (Microsoft Corporation)
Task: {2CFEC1B2-85CB-4DA5-A152-B7CDB46A8D43} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-03-14] (Acer Incorporate)
Task: {440E5903-7767-4205-BF3E-4668D9191BBB} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-07] (CyberLink)
Task: {4839B2C3-0DA5-491E-AA41-52AE5C764C65} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {534E9B3A-EECD-4774-A2A5-7E3E788E7EC4} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2015-06-04] (National Instruments)
Task: {5850715B-D3FB-444F-ABDD-99B7E0302AF0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2466116663-3634806204-2722683822-1002Core => C:\Users\Bayo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {715C2D26-B586-4668-AAD4-9DE7024BC3E3} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {75766E56-10C5-4E0B-9505-5D6C26DFFD23} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2015-06-04] (National Instruments)
Task: {833B8B5E-B1EC-47D5-AE75-414036C63B8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {84C8384D-AFB9-4CEC-92C4-624B35652DDC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {9A8C1846-0F91-4CBC-A36D-8655969D79F4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {B7851880-98B3-4363-9405-E42F998C72E8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2466116663-3634806204-2722683822-1002UA => C:\Users\Bayo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {BD103017-A1F2-438D-ACE9-4510D06F95E6} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {BF83A6B2-7BFC-4EEC-8753-E86826207373} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-01-25] (IObit)
Task: {C2BBEAC2-B4D8-48E5-9370-3AD889732091} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {CBCA42BC-2A8A-4536-8E62-170424B73D38} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-06] (AVAST Software)
Task: {E9618C6A-F8A5-49F6-9E2B-74BED2BEAEED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {EF2B9F56-91FC-4D69-9E6B-37EC5CEBA334} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2466116663-3634806204-2722683822-1002Core => C:\Users\Bayo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2466116663-3634806204-2722683822-1002Core.job => C:\Users\Bayo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2466116663-3634806204-2722683822-1002UA.job => C:\Users\Bayo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2466116663-3634806204-2722683822-1002Core.job => C:\Users\Bayo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-01-23 00:21 - 2016-01-23 00:21 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2014-03-16 11:11 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-27 16:35 - 2015-09-01 10:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-02-28 17:05 - 2013-02-28 17:05 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 17:02 - 2013-02-28 17:02 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-28 17:06 - 2013-02-28 17:06 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-09-08 12:39 - 2014-09-08 12:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 12:38 - 2014-09-08 12:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2014-01-25 14:41 - 2014-01-25 14:41 - 00611648 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2012-01-26 09:36 - 2012-01-26 09:36 - 00278528 ____R () C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\xerces-depdom_2_6.dll
2016-02-23 12:22 - 2016-02-23 12:22 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Bayo\Pictures\hawk.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5375F67C-A0E8-457B-9AA7-D59C847CFEBF}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{BB216D0C-1939-45A5-A123-199B43CC1230}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{797DAF84-4BA1-448C-B426-21BDCDEEDD21}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Origins Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{02FA8CE0-198B-4E7C-AC35-6E668E998B32}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Origins Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [UDP Query User{40E38370-D2AF-4C78-887C-21DBCBD7E683}C:\program files (x86)\origin games\dragon age origins ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\origin games\dragon age origins ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{0EB99CE4-B5D9-4513-9214-716B53FF807F}C:\program files (x86)\origin games\dragon age origins ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\origin games\dragon age origins ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{492360E2-6A3F-4534-9F1F-64F9DD72C50D}C:\program files (x86)\origin games\dragon age origins ultimate edition\bin_ship\eacoreserver.exe] => (Allow) C:\program files (x86)\origin games\dragon age origins ultimate edition\bin_ship\eacoreserver.exe
FirewallRules: [TCP Query User{DEF92E1A-E8AD-4FA4-82D7-FABFC2FE0760}C:\program files (x86)\origin games\dragon age origins ultimate edition\bin_ship\eacoreserver.exe] => (Allow) C:\program files (x86)\origin games\dragon age origins ultimate edition\bin_ship\eacoreserver.exe
FirewallRules: [UDP Query User{47B0E247-F203-443A-8023-AFFE754F603C}C:\users\bayo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\bayo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{D9979D2F-ECE1-4F28-9189-EB17DB77AC30}C:\users\bayo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\bayo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{1E97D2E7-3712-4F91-8AFE-E9BF1276E059}] => (Allow) C:\Users\Bayo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E845A57D-230C-41DF-A7AD-E9E1881F1574}] => (Allow) C:\Users\Bayo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2A83DE6E-FC71-4DC3-9936-25932B6C884D}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Origins Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{F251E941-4475-48D0-9405-C7D08CD47EA9}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Origins Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{87B3DAB5-3027-4A45-9540-9EF1932C738F}] => (Allow) C:\Users\Bayo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{8BEC7A6E-3EDA-4B85-937C-4FCA87E7FD5C}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{EBC2D206-31C2-45BC-B8C0-9A25044DBBDC}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{6F27CF9B-F813-4C04-A56B-E8E25FADA318}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{0508CA4D-EEED-4922-89F8-C8AFC62498AF}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{9D96C2AE-C5CF-485E-A605-A4EEBC5E00D0}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{3F763274-CE02-4BDB-8DFE-6C9FC9540163}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{84E6F56B-51DC-4649-9C25-A93BACDDABA7}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{C6A4ACC3-21A3-40C9-99F9-55736DEFEB16}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{C027F55E-F8FE-4DBB-B85F-D38840293149}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{6C83BC09-7E2F-4039-87DC-7FBC2CEB1E6B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{1CA59918-32F0-4B58-860C-06B7C117CCC0}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{8C5D8CFC-8BCC-4EE8-87B9-8841EB2391DF}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{2D6C308C-AFDB-43E3-8A05-C6E0F235CAF5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{5C17BC54-77F0-433B-B78C-F80BF19EAB93}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{65BA2F1E-992F-495E-A8EA-61CD16E8E73A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{81CD208F-8B10-44C2-B1EA-CBC3A0172145}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{64E8AFDA-7137-4561-A286-62FEB4866E2B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{C980244A-FF07-4E01-9838-57B1200DD1C4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{CFA14DBD-9B15-4757-8A75-074154611C24}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{550584F0-9B4E-49ED-B814-7A116A39D69E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{10F38133-956A-43FA-AE07-A4C0D61AA9BE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{E7BAB0F6-6DAB-4918-9BA1-6BC7F9EC40B6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2AEC0545-19B9-4EB6-B974-CF2AA7350D61}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{94267EAB-7815-404F-9456-C6D821CCE80A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{7FEBD158-DC06-4A96-AAC5-80E1D1C285B7}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{729D1E7C-8DFD-42C3-AE52-1FB48E2AA942}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{E0E76E6A-4BB0-42CB-9973-A6A19E42D472}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [TCP Query User{2AD1F7DB-1F7F-4998-A972-CE2141EA99DC}C:\program files (x86)\battle for wesnoth 1.10.7\wesnothd.exe] => (Allow) C:\program files (x86)\battle for wesnoth 1.10.7\wesnothd.exe
FirewallRules: [UDP Query User{C331246A-931B-439B-ADB6-76523EBC0434}C:\program files (x86)\battle for wesnoth 1.10.7\wesnothd.exe] => (Allow) C:\program files (x86)\battle for wesnoth 1.10.7\wesnothd.exe
FirewallRules: [TCP Query User{4EC22A5B-81E3-4E9F-ACFB-1ADB665EDF47}C:\users\bayo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\bayo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{44C57F21-6873-4F7A-A391-C624737702BB}C:\users\bayo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\bayo\appdata\local\akamai\netsession_win.exe
FirewallRules: [{9F3529C9-1428-4EDB-8208-38154324EDD3}] => (Allow) LPort=55576
FirewallRules: [{C43853AA-E3C8-410D-BD0F-70EA3E67F79B}] => (Allow) LPort=5000
FirewallRules: [{D37E6537-D162-4A34-B1DE-DB0ED5ACCDB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BE31E0C2-6795-48B1-AA55-77601A55D4EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FDC27B1F-2B0F-4E89-9EA2-F8A2FFE7689D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E1F21D1C-7DA8-4C47-ADE4-CAD316A3D3D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{BA20813B-CAB6-4392-976B-9117E68F24FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{942A0504-0C0A-499F-9ABB-E7EEE3361252}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{32EB54A4-F310-4EF4-AA2B-96D1690A9927}C:\users\bayo\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\bayo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{33450417-D3D7-4C5C-96AF-9649091A5D46}C:\users\bayo\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\bayo\appdata\local\akamai\netsession_win.exe
FirewallRules: [{810C3574-EAA7-48A8-A96D-91F431D93675}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe
FirewallRules: [{72FE07C4-44A0-4BF1-A876-12C19DFE560B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe
FirewallRules: [{86107540-9700-4A7F-9D04-394F0A5C34AC}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{071E3A95-4288-4214-871A-25B22707A86F}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [TCP Query User{FA468C9D-7FBB-4E69-9AD4-E5529A042776}C:\program files\autodesk\inventor 2014\moldflow\bin\mitsi.exe] => (Allow) C:\program files\autodesk\inventor 2014\moldflow\bin\mitsi.exe
FirewallRules: [UDP Query User{D72C07B1-CA46-493F-8F6A-575691BCA31A}C:\program files\autodesk\inventor 2014\moldflow\bin\mitsi.exe] => (Allow) C:\program files\autodesk\inventor 2014\moldflow\bin\mitsi.exe
FirewallRules: [TCP Query User{0C27F43D-AAC4-4457-9811-A532728F7895}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe
FirewallRules: [UDP Query User{BA7395FF-9D9C-4358-89A6-93DE253CB01B}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe
FirewallRules: [TCP Query User{F55B0E2F-D8F1-4263-9296-BA9060733D05}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [UDP Query User{7D553995-C2CC-447C-9B9E-BF4C2B67D9FD}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [{2996F606-03B5-4C80-82BC-7D9402580166}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{D40A9488-AC3D-4512-ADCB-80CD16A26FFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{724459D9-4DF5-4B75-8AAB-C0CB16158EA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{8233AAAF-B700-47CC-B675-1AC87E43EC52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{AB7E096B-7E9D-4778-8535-ADBF090C3D5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{9817B89E-CEE3-4287-A5A7-BAA6511C5D5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{EAA72125-17B8-4CC7-A9DD-0B008D68C5A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{E0040D60-D4AD-4593-ADC5-2243B1F38924}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{CF211507-570E-4023-A1A7-67FF3B37CE89}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{75EE83CC-2FF1-4070-B5CA-390A599E6583}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
FirewallRules: [{ADB9CCDA-5708-4489-A12E-3ACA0FD8B447}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{E393B1D3-D426-4273-ADC0-CA0585C721C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{6D2079A8-A215-4E78-9D71-1257248781A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{57C81A70-7E7B-4F3F-8D18-5B4728E7F636}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{FBCDDDE3-2DA6-475D-8567-0A50F7EC3101}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{E3A3A347-9F8B-445A-973C-F8A77C9C7CDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{91A1C87B-E88E-4392-BC9C-30056F211342}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{53BF05CD-3018-4FFF-80D3-F2CF44589989}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{AE25C5A2-2311-4609-954B-C4E3690BB621}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{43E8B252-6D7C-499B-8F59-BF79F5DC4742}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [TCP Query User{25747120-F445-4256-9FE3-6A8407B8E24D}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{EF5CA555-0A73-493B-9D03-C796150EA491}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{90E89CC0-9249-4330-AFC2-E127D839F8EC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D15D102-B65E-4835-9ED4-A4DB92D3ED71}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6C8E9C7F-C3EA-473D-B4CA-1126E66A2FC6}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{53340C79-C326-4A9A-8C95-49230822ADED}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{6DA10A0B-A63E-4473-8E97-2C818A11492D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{81EF69C6-8DAE-415D-84A2-EFD07FA7322E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3433424C-8126-440E-97E7-F5DFB7789666}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{E740B757-16EB-421D-AED1-31C2FDB383D2}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{33EC20DB-041C-4301-B4EB-A93636A876D5}] => (Block) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone TOTALe
FirewallRules: [{1D594410-2535-49BE-A2C3-3C75744206E0}] => (Block) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone TOTALe
FirewallRules: [{30DB4E21-5AA2-42B0-9E5F-EEE7B4D17F84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{EBE94D12-6B30-44FF-AB66-81EFA3D4647C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{4042E9E4-A774-4007-A400-DFA2F7FB5431}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{BDAF8476-6DE9-4893-B08D-4CC28E46ACF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{1330450C-D0E9-445C-B500-7950F88CA238}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{E1F545C1-80A4-4513-8169-27AE73DE644E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{A53CDCD8-0F60-4B94-973D-BDA6A909E05D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{ABE06F99-9CE0-4CA3-B84C-0B8C1BFDCB31}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{5F82E687-34E2-42FF-B0E6-D7D1A7DDEDFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{80E0DF50-95FD-478E-9129-2577D61D286B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{31E3DF28-125B-4953-BE99-C05DDAFB7468}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{F2F3DE9D-EDB8-4257-9B0B-CD6FA35F0EFA}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{2455A5BB-3D18-4F2A-92BD-A68CB4882A42}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{93E95AA8-6330-413B-A592-5CE563838C45}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{3F0461D7-A408-4F7E-B218-1BDCA9B7E600}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{BB190424-439C-4599-AECC-FF0F68477224}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{CA9CC13D-2CDD-4E45-A5FA-0527220D0201}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{CF774F67-C76E-4499-8C9D-048C4D6AA760}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{481DEBAC-121F-4501-9411-64E8C87A3C31}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{8E19D47B-50C2-4F14-9E4F-222266A5FB8B}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{670F95CB-064E-4D78-8BF4-2E6926320F77}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{14F13861-F738-4EF9-9C30-2ACB6B5ED9C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{06C17A48-3CA2-4715-81E1-62893FB5964F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1CC3C172-8E43-496A-9EF3-F4E382EBE495}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Car Mechanic Simulator 2015\cms2015.exe
FirewallRules: [{ABFDDFAE-1C86-4600-BBDA-0E654947F180}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Car Mechanic Simulator 2015\cms2015.exe
FirewallRules: [{DEBD40A3-70F8-4909-B7C0-F2C61C087EFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{5A0A738A-2A1D-4B14-91E1-A2B7FB1F2180}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [TCP Query User{39A8D719-C5A4-40CC-8E38-4C02A11F93A2}C:\users\bayo\downloads\downloader_diablo2_enus.exe] => (Allow) C:\users\bayo\downloads\downloader_diablo2_enus.exe
FirewallRules: [UDP Query User{8EE8CF27-4A71-432E-8E50-D0BA43494543}C:\users\bayo\downloads\downloader_diablo2_enus.exe] => (Allow) C:\users\bayo\downloads\downloader_diablo2_enus.exe
FirewallRules: [TCP Query User{DE1076FC-3E9E-4C49-8B86-93C4F9B067C3}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [UDP Query User{56258512-93F8-4A89-8BE1-F7DC696066AF}C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of mythology\aomx.exe
FirewallRules: [{B3472891-CC41-4D67-828B-85799C203595}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

17-03-2016 11:02:36 Windows Update
18-03-2016 17:22:22 Installed Autodesk Material Library Medium Resolution Image Library 2012.
20-03-2016 19:59:37 Installed Autodesk Material Library Medium Resolution Image Library 2012.
22-03-2016 09:58:45 Installed Autodesk Material Library Medium Resolution Image Library 2012.
24-03-2016 15:52:56 Installed Autodesk Material Library Medium Resolution Image Library 2012.
28-03-2016 15:25:40 Windows Update
30-03-2016 13:07:29 Installed Autodesk Material Library Medium Resolution Image Library 2012.

==================== Faulty Device Manager Devices =============

Name: Launch Manager Wireless Device
Description: Launch Manager Wireless Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Acer Incorporated
Service: LMDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/01/2016 10:04:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1224) SRUJet: Se detectó un vínculo de página erróneo(error -327) en un árbol B (IdObjeto: 13, RaízNúmPág: 55) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (991 => 992, svchost0).

Error: (04/01/2016 10:04:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1224) SRUJet: Se detectó un vínculo de página erróneo(error -327) en un árbol B (IdObjeto: 13, RaízNúmPág: 55) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (991 => 992, svchost0).

Error: (04/01/2016 10:03:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1224) SRUJet: Se detectó un vínculo de página erróneo(error -327) en un árbol B (IdObjeto: 13, RaízNúmPág: 55) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (991 => 992, svchost0).

Error: (04/01/2016 10:03:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1224) SRUJet: Se detectó un vínculo de página erróneo(error -327) en un árbol B (IdObjeto: 13, RaízNúmPág: 55) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (991 => 992, svchost0).

Error: (04/01/2016 10:02:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1224) SRUJet: Se detectó un vínculo de página erróneo(error -327) en un árbol B (IdObjeto: 13, RaízNúmPág: 55) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (991 => 992, svchost0).

Error: (04/01/2016 10:02:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1224) SRUJet: Se detectó un vínculo de página erróneo(error -327) en un árbol B (IdObjeto: 13, RaízNúmPág: 55) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (991 => 992, svchost0).

Error: (04/01/2016 10:01:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbam.exe, versión: 2.3.173.0, marca de tiempo: 0x56e065b4
Nombre del módulo con errores: mbamsrv.dll, versión: 6.3.9600.18202, marca de tiempo: 0x569e72c5
Código de excepción: 0xc0000142
Desplazamiento de errores: 0x0009d3c2
Identificador del proceso con errores: 0xe34
Hora de inicio de la aplicación con errores: 0xmbam.exe0
Ruta de acceso de la aplicación con errores: mbam.exe1
Ruta de acceso del módulo con errores: mbam.exe2
Identificador del informe: mbam.exe3
Nombre completo del paquete con errores: mbam.exe4
Identificador de aplicación relativa del paquete con errores: mbam.exe5

Error: (04/01/2016 10:01:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1224) SRUJet: Se detectó un vínculo de página erróneo(error -327) en un árbol B (IdObjeto: 13, RaízNúmPág: 55) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (991 => 992, svchost0).

Error: (04/01/2016 10:01:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1224) SRUJet: Se detectó un vínculo de página erróneo(error -327) en un árbol B (IdObjeto: 13, RaízNúmPág: 55) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (991 => 992, svchost0).

Error: (04/01/2016 10:00:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1224) SRUJet: Se detectó un vínculo de página erróneo(error -327) en un árbol B (IdObjeto: 13, RaízNúmPág: 55) de la base de datos C:\WINDOWS\system32\SRU\SRUDB.dat (991 => 992, svchost0).


System errors:
=============
Error: (04/01/2016 09:51:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Intel® Management and Security Application User Notification Service depende del servicio Intel® Management and Security Application Local Management Service, el cual no pudo iniciarse debido al siguiente error:
%%1053

Error: (04/01/2016 09:51:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Intel® Management and Security Application Local Management Service no pudo iniciarse debido al siguiente error:
%%1053

Error: (04/01/2016 09:51:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Intel® Management and Security Application Local Management Service.

Error: (04/01/2016 09:50:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Intel® Management and Security Application Local Management Service no pudo iniciarse debido al siguiente error:
%%1053

Error: (04/01/2016 09:50:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Intel® Management and Security Application Local Management Service.

Error: (04/01/2016 09:49:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NI Device Loader se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/01/2016 09:48:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio NI PXI Resource Manager depende del servicio NI Service Locator, el cual no pudo iniciarse debido al siguiente error:
%%0

Error: (04/01/2016 09:48:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMService no pudo iniciarse debido al siguiente error:
%%1053

Error: (04/01/2016 09:48:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio MBAMService.

Error: (04/01/2016 09:48:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMScheduler no pudo iniciarse debido al siguiente error:
%%1053


==================== Memory info ===========================

Processor: Intel® Core™ i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 16%
Total physical RAM: 8067.27 MB
Available physical RAM: 6754.17 MB
Total Virtual: 9347.27 MB
Available Virtual: 8053.45 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.61 GB) (Free:117.24 GB) NTFS
Drive d: (bayo) (Removable) (Total:3.73 GB) (Free:3.23 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 42D27D7A)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 0006E591)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)

==================== End of Addition.txt ============================

Attached Files


Edited by Oh My!, 01 April 2016 - 08:01 PM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,145 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:50 PM

Posted 01 April 2016 - 08:17 PM

Greetings Edmorf and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please do this.

===================================================

Uninstalling a Program using Add/Remove Program

--------------------

I recommend the uninstalling of the below listed program(s). If you desire to keep the program I would ask that you reinstall it following our efforts here.
  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type appwiz.cpl and press Enter
  • A list of installed programs will be displayed
  • Uninstall the following by clicking on the program(s) below (and any other similar names) and selecting Remove or Uninstall

IObit

  • Reboot your computer
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Click Format and check Word Wrap
  • Please copy and paste the contents of the below code box into the open notepad and save it to your Desktop as fixlist.txt. If FRST.exe is not on your Deskptop please move it to that location. (<<<Important)
CreateRestorePoint:
CloseProcesses:
C:\Program Files (x86)\badu
HKLM-x32\...\Run: [app] => C:\Program Files (x86)\badu\sys.exe [434238 2016-03-29] (mycomputer)
HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\MountPoints2: {211a25df-dbed-11e4-80ce-089e01a627a2} - "E:\_aom.exe"  
HKU\S-1-5-21-2466116663-3634806204-2722683822-1002\...\MountPoints2: {211a27ab-dbed-11e4-80ce-089e01a627a2} - "F:\instalar.exe"  
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => AcSignIcon.dll No File
SearchScopes: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002 -> DefaultScope {A969B05E-7725-4A06-B1A7-FA75093A050D} URL =  
SearchScopes: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002 -> {A969B05E-7725-4A06-B1A7-FA75093A050D} URL =  
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
CHR DefaultSearchURL: Default -> hxxp://www.hohosearch.com/chrome.php?q={searchTerms}&ts=AHEpCHEqB3EtB0..&v=20160329&uid=6E4E447C9CF0118B28A3E731EE13EE9C&ptid=amz&mode=nnnb
CHR DefaultSearchKeyword: Default -> hohosearch
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys [X]
S3 usb6xxxk; system32\drivers\usb6xxxkl.sys [X]
2016-03-31 17:56 - 2016-03-31 18:03 - 00000000 ____D C:\Users\Bayo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-03-31 17:56 - 2016-03-31 17:56 - 00001564 _____ C:\Users\Bayo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2016-03-31 16:56 - 2016-03-31 20:36 - 00000464 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2016-03-31 16:56 - 2016-03-31 16:56 - 00003412 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2016-03-31 16:56 - 2016-03-31 16:56 - 00000000 ____D C:\Users\Bayo\AppData\Local\UCBrowser
2016-03-31 16:56 - 2016-03-07 22:03 - 00089840 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\ucguard.sys
2016-03-31 16:55 - 2016-03-31 19:06 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-03-31 16:54 - 2016-03-31 16:54 - 00005120 _____ C:\Users\Bayo\AppData\Roaming\GiftBag.db
2016-03-31 16:53 - 2016-03-31 16:53 - 00000000 ____D C:\Program Files (x86)\badu
2016-03-31 16:53 - 2016-03-31 16:51 - 00132344 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys
2016-03-31 16:45 - 2016-03-31 16:45 - 02750718 _____ C:\WINDOWS\chromebrowser.exe
2016-03-24 15:52 - 2016-03-22 21:04 - 00166038 _____ C:\Users\Bayo\Documents\proyecto_omega-schem2.bak
2016-03-22 20:15 - 2016-03-24 15:52 - 00149457 _____ C:\Users\Bayo\Documents\proyecto_omega-schem2.dwg
2016-03-18 19:50 - 2016-03-22 20:02 - 00153584 _____ C:\Users\Bayo\Documents\proyecto_omega-schem.bak
2016-03-18 17:32 - 2016-03-22 20:04 - 00153584 _____ C:\Users\Bayo\Documents\proyecto_omega-schem.dwg
2016-03-17 16:09 - 2016-03-22 09:20 - 00173012 _____ C:\Users\Bayo\Documents\croquis-casa-segun-gob-Model.pdf
2016-03-17 16:07 - 2016-03-22 09:20 - 00060733 _____ C:\Users\Bayo\Documents\croquis-casa-segun-gob.bak
2016-03-17 11:51 - 2016-03-22 09:58 - 00067503 _____ C:\Users\Bayo\Documents\croquis-casa-segun-gob.dwg
2016-03-31 16:54 - 2016-03-31 16:54 - 0005120 _____ () C:\Users\Bayo\AppData\Roaming\GiftBag.db
2014-06-18 21:04 - 2014-06-18 21:04 - 0000024 _____ () C:\Users\Bayo\AppData\Roaming\temp.ini
C:\Users\Bayo\AppData\Local\Temp\7za.exe
C:\Users\Bayo\AppData\Local\Temp\AcDeltree.exe
C:\Users\Bayo\AppData\Local\Temp\Browser_V5.6.10551.6_f_4729_(Build1602291105).exe
C:\Users\Bayo\AppData\Local\Temp\DAEMON Tools Lite 10.1.0.74.exe
C:\Users\Bayo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3d3zgb.dll
C:\Users\Bayo\AppData\Local\Temp\dxdiag.exe
C:\Users\Bayo\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Bayo\AppData\Local\Temp\GUR33D.exe
C:\Users\Bayo\AppData\Local\Temp\GUR418.exe
C:\Users\Bayo\AppData\Local\Temp\MediaPlayer__3137_il213892.exe
C:\Users\Bayo\AppData\Local\Temp\mesox.exe
C:\Users\Bayo\AppData\Local\Temp\qqpcmgr_v11.0.16779.224_74673_Silence.exe
C:\Users\Bayo\AppData\Local\Temp\set.exe
C:\Users\Bayo\AppData\Local\Temp\setdd.exe
C:\Users\Bayo\AppData\Local\Temp\setup.exe
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-272268382C:\Program Files (x86)\UCBrowser2-1002_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Bayo\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2466116663-3634806204-2722683822-1002_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
Task: {170817BF-2F49-4130-97C0-AF429D4DD81E} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe
Task: {BF83A6B2-7BFC-4EEC-8753-E86826207373} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-01-25] (IObit)
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Folder: C:\Users\Public\Documents\dmp
Folder: C:\Servicios
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed youi will see Pending. Please check elements you don't want to remove above the progress bar
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can also find the logfile at C:\AdwCleaner\AdwCleaner.txt
===================================================

Junkware Removal Tool

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • AdwCleaner log
  • Junkware log
  • System Summary Information
  • Update on computer behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Edmorf

Edmorf
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tampa, Fl
  • Local time:04:50 PM

Posted 01 April 2016 - 11:17 PM

Gary,

 

you can call me by my first name as well, I am Eduardo.

Thanks for your help! And yes, I will be patient and I will log and check in my email to see if there are any replies.

 

I managed to get almost all the points from your previous reply, the only point that I did not get right was the junkware removal.

 

1.- I uninstalled Iobit... It was also malware?

     I restarted the laptop

 

2.- I copy and paste the text note and named it fixlist.txt I then ran FRST, below is the generated fixlog.txt (was, the forum tells me that this post is too long, I will try to attach it)

 

     I restarted the laptop

 

3.- I downloaded again the adwCleaner.exe, I ran it from the USB stick, I think it found something, the log is also pasted below

     I restarted the laptop

 

4.- I downloaded again Junktool removal, copied it to the desktop and before running it, I made sure my windows firewall was turned off (Malware bytes is still knocked out) I ran it and it selfextracts and then a  little black screen appear for just a mere seconds, but there is no log file generated ???

 

5.- I checked the system and copied the summary file and it is attached and compressed (I am using 7zip)...  I don't know what happened to the attach button???

 

6.- The system is running nice and fast I guess. Probably better than before. I still can not get malwarebytes to run and I also have no internet connection, let me clarify on this. The laptop is connecting to the wifi, but the browsers are not doing their job. Other than that, it seems ok...

 

I will paste the logs starting from this point, I have only the one generated by FRST(huge) and will try to attach it as well and the one generated by AdwCleaner(small) I hope it won't create a lot of mess, I also will try to attach the compressed summary.NFO file :scratchhead: It seems to me that I have lost the attach button ???

 

 

 

# AdwCleaner v5.108 - Registro generado 01/04/2016 en 21:21:52
# Actualizado 30/03/2016 por Xplode
# Base de datos : 1984.9 [Local]
# Sistema operativo : Windows 8.1 Single Language  (x64)
# Nombre de usuario : Bayo - ACER
# Ejecutado desde : D:\progs\AdwCleaner.exe
# Opción : Limpiar
# Apoyo : http://toolslib.net/forum
 
***** [ Servicios ] *****
 
 
***** [ Carpetas ] *****
 
 
***** [ Archivos ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Accesos directos ] *****
 
 
***** [ Tareas programadas ] *****
 
 
***** [ Registro ] *****
 
 
***** [ Navegadores Web ] *****
 
[-] [C:\Users\Bayo\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] eliminar : hohosearch
 
*************************
 
:: Llaves "Tracing" removidas
:: Winsock Configuración borrada
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [13756 bytes] - [31/03/2016 19:18:49]
C:\AdwCleaner\AdwCleaner[C2].txt - [1570 bytes] - [31/03/2016 20:27:35]
C:\AdwCleaner\AdwCleaner[C3].txt - [984 bytes] - [01/04/2016 21:21:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [13399 bytes] - [31/03/2016 19:15:59]
C:\AdwCleaner\AdwCleaner[S2].txt - [1393 bytes] - [31/03/2016 20:26:15]
C:\AdwCleaner\AdwCleaner[S3].txt - [1183 bytes] - [01/04/2016 21:20:21]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1276 bytes] ##########



#4 Edmorf

Edmorf
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tampa, Fl
  • Local time:04:50 PM

Posted 01 April 2016 - 11:33 PM

Ok, I believe I didn't select the correct reply button.

 

pasting, the fixlog.txt and attaching the summary file:

 

Ok... it is still really long, I will be attaching as well the fixlog.txt file Attached File  Fixlog.txt   337.37KB   4 downloads

 

...

 

..

 

.

 

It seems I can not upload .rar files? changed it to .zip Attached File  Summary.zip   126.45KB   2 downloads



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,145 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:50 PM

Posted 02 April 2016 - 07:36 AM

Greetings Eduardo.

Thank you for the very nice reply and your efforts.
 

I uninstalled Iobit... It was also malware?

No, but BleepingComputer does not recommend using programs that manipulate the Registry because of the potential dangers if something goes wrong. I would just prefer it was out of the way while we try to resolve your issues.

Do you recognize this folder?

C:\Users\Public\Documents\dmp


Please boot into Safe Mode with Networking and check your Internet and Malwarebytes.

===================================================

Farbar's MiniToolBox

--------------------
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure only the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries

  • Click Go and once the scan is completed a MTB.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Behavior in Safe Mode with Networking?
  • MTB.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Edmorf

Edmorf
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tampa, Fl
  • Local time:04:50 PM

Posted 02 April 2016 - 09:18 AM

Gary,

 

good day.

 

I thank you again for your efforts to help me. Here is what I did today,

 

1.- I restarted in safe mode with networking (first time ever doing that in windows 8.1, I miss the old F8) I turned on the wifi and checked the internet. The laptop counnects but neither mozilla, nor chrome can not surf. I turned off the wifi again (is just because I am a little paranoid)

Editing, I also plugged the ethernet. It never got recognized but I see that in the report it is succesfully being detected

 

Malwarebytes is still knocked out with the same error code: 0XC0000142

 

2.- also in safe mode I checked for that folder in public documents (dmp) I have no idea what is that and it was created the same day I got infected

 

3.- Also in safe mode, I downloaded the MiniToolBox and copied to the desktop frome where I executed it. I selected only the first 8 options and here is the report:

 

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Bayo (administrator) on 02-04-2016 at 08:12:26
Running from "C:\Users\Bayo\Desktop"
Microsoft Windows 8.1 Single Language  (X64)
Model:  Manufacturer:  
Boot Mode: Network
***************************************************************************
 
========================= Flush DNS: ===================================
 
========================= IE Proxy Settings: ==============================  
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ==============================  
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
Adaptador de red inalámbrica Qualcomm Atheros AR5BWB222 = Wi-Fi (Media disconnected)
========================= Winsock entries =====================================
 
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560] (National Instruments Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
 
**** End of log ****

 

Thanks for the fast responses. I probably will be out today (work) but I will connect as soon as I can


Edited by Edmorf, 02 April 2016 - 09:21 AM.


#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,145 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:50 PM

Posted 02 April 2016 - 09:46 AM

Thank you,

I am headed out the door for a few hours and don't want to rush through you post. As soon as I return I will post a reply. Should be sometime before noon west coast time.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,145 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:50 PM

Posted 02 April 2016 - 02:55 PM

Greetings,
 

I also plugged the ethernet. It never got recognized but I see that in the report it is succesfully being detected

You are one step ahead of me. :)

 

If you did not connect the ethernet cable from the computer directly into the modem (bypassing the router) please do that and tell me what happens.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Edmorf

Edmorf
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tampa, Fl
  • Local time:04:50 PM

Posted 02 April 2016 - 08:01 PM

Gary,

 

hello I am back and I just ate, I am willing now to destroy any more remaining viruses... that means of course... with your help :whistle:

 

Ok, I turned on my computer in normal mode. Wifi is off (airplane mode) and I plugged the ethernet. In the taskbar it shows that I am currently connected to the wired connection. I open the browsers (I only use Firefox and sometimes chrome)... Alas! they won't connect to anyplace.

 

Malware bytes is still knocked out (same error code: 0XC0000142)

 

What should I do?

 

and by the way. I guess I should also remove the suspicious folder that you told me in your previous post?


Edited by Edmorf, 02 April 2016 - 08:02 PM.


#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,145 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:50 PM

Posted 02 April 2016 - 09:33 PM

Wifi is off (airplane mode) and I plugged the ethernet

Can you confirm the ethernet connection is going directly from the laptop to the modem and not the wireless router? Is it a combination modem/router - all in one?


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 Edmorf

Edmorf
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tampa, Fl
  • Local time:04:50 PM

Posted 02 April 2016 - 10:39 PM

Gary,

 

It is a wifi router that has also ethernet outlets. The internet data comes from the telephone line. I guess that you were thinking of a separated module?? I don't have one of those :unsure:



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,145 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:50 PM

Posted 03 April 2016 - 08:30 AM

Could you please tell me the model number of your router device.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 Edmorf

Edmorf
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tampa, Fl
  • Local time:04:50 PM

Posted 03 April 2016 - 09:52 AM

Hi Gary, good day

 

it is an Alcatel-Lucent, and the model is I-240W-A

the internet provider is Telmex (a company in Mexico)



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,145 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:50 PM

Posted 03 April 2016 - 02:04 PM

Thank you.

As best as I can tell your model is the same as I-240W-Q. See if the below link seems to match your actual device.

I would like you to factory reset your device. Let me know if you then have Internet.

Edited by Oh My!, 03 April 2016 - 02:05 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Edmorf

Edmorf
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tampa, Fl
  • Local time:04:50 PM

Posted 04 April 2016 - 12:44 PM

Gary,

 

sorry for not answering yesterday.

 

As far as i can tell from the scematics from the back, it looks alike.

 

Question before I reset it

 

my wife has another computer and it is connecting really fine to the internet. I also connect really well to the internet through my linux based computer. I also went today to my parent's and I tried to connect to their wifi. it has the same problem that in my house, the wifi is working but the browsers are not...

 

Isn't this a problem in my internet configuration rather than a problem with the wifi device?

 

some viruses won't allow you to connect to the internet by changing your configuration, right?


Edited by Edmorf, 04 April 2016 - 12:45 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users